Warning: Permanently added '10.128.1.114' (ED25519) to the list of known hosts. 2024/09/18 19:39:03 ignoring optional flag "sandboxArg"="0" 2024/09/18 19:39:03 parsed 1 programs [ 50.659293][ T23] kauditd_printk_skb: 26 callbacks suppressed [ 50.659306][ T23] audit: type=1400 audit(1726688343.450:102): avc: denied { unlink } for pid=483 comm="syz-executor" name="swap-file" dev="sda1" ino=1929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 50.753042][ T483] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 50.851603][ T23] audit: type=1400 audit(1726688343.640:103): avc: denied { mounton } for pid=490 comm="syz-executor" path="/root/syzkaller.v4Vkir/syz-tmp/newroot/dev" dev="tmpfs" ino=12370 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 50.878471][ T23] audit: type=1400 audit(1726688343.680:104): avc: denied { mounton } for pid=490 comm="syz-executor" path="/dev/binderfs" dev="devtmpfs" ino=9916 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 51.125332][ T23] audit: type=1401 audit(1726688343.920:105): op=setxattr invalid_context="u:object_r:app_data_file:s0:c512,c768" [ 51.363423][ T518] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.371039][ T518] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.379739][ T518] device bridge_slave_0 entered promiscuous mode [ 51.387220][ T518] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.394243][ T518] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.402134][ T518] device bridge_slave_1 entered promiscuous mode [ 51.457652][ T518] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.465751][ T518] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.473987][ T518] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.481952][ T518] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.510449][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 51.519504][ T444] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.527643][ T444] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.538058][ T396] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 51.546552][ T396] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.554004][ T396] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.564853][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 51.573172][ T444] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.580197][ T444] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.597597][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 51.614803][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 51.634055][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 51.642519][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 51.658600][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 51.672944][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 51.684610][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready 2024/09/18 19:39:04 executed programs: 0 [ 52.110662][ T544] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.118664][ T544] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.126201][ T544] device bridge_slave_0 entered promiscuous mode [ 52.135443][ T544] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.142272][ T544] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.150372][ T544] device bridge_slave_1 entered promiscuous mode [ 52.209830][ T544] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.216992][ T544] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.224451][ T544] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.231489][ T544] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.261022][ T444] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 52.269072][ T444] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.276665][ T444] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.287155][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 52.295559][ T397] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.302380][ T397] bridge0: port 1(bridge_slave_0) entered forwarding state [ 52.321842][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 52.330409][ T397] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.337434][ T397] bridge0: port 2(bridge_slave_1) entered forwarding state [ 52.345897][ T397] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 52.375444][ T398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 52.384630][ T398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 52.392679][ T398] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 52.415943][ T398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 52.430170][ T398] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 52.441984][ T398] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 52.475338][ T23] audit: type=1400 audit(1726688345.270:106): avc: denied { read } for pid=548 comm="syz.0.15" name="kvm" dev="devtmpfs" ino=1133 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 52.484774][ T549] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 52.498780][ T23] audit: type=1400 audit(1726688345.270:107): avc: denied { open } for pid=548 comm="syz.0.15" path="/dev/kvm" dev="devtmpfs" ino=1133 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 52.538661][ T23] audit: type=1400 audit(1726688345.280:108): avc: denied { ioctl } for pid=548 comm="syz.0.15" path="/dev/kvm" dev="devtmpfs" ino=1133 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1 [ 52.601556][ T553] BUG: kernel NULL pointer dereference, address: 0000000000000086 [ 52.609403][ T553] #PF: supervisor instruction fetch in kernel mode [ 52.615962][ T553] #PF: error_code(0x0010) - not-present page [ 52.621692][ T553] PGD 1e83ea067 P4D 1e83ea067 PUD 1e83ee067 PMD 0 [ 52.628166][ T553] Oops: 0010 [#1] PREEMPT SMP KASAN [ 52.633249][ T553] CPU: 0 PID: 553 Comm: syz.0.16 Not tainted 5.4.281-syzkaller-04960-g22ddc50dfded #0 [ 52.642750][ T553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 [ 52.653046][ T553] RIP: 0010:0x86 [ 52.656420][ T553] Code: Bad RIP value. [ 52.660401][ T553] RSP: 0018:ffff8881e76cf308 EFLAGS: 00010086 [ 52.666407][ T553] RAX: ffff8881e76cf338 RBX: dffffc0000000000 RCX: ffff8881e79cbf00 [ 52.674394][ T553] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 52.682208][ T553] RBP: 0000000000000ec0 R08: ffffffff82316a81 R09: ffffffff811c8e45 [ 52.690268][ T553] R10: ffff8881e79cbf00 R11: 0000000000000002 R12: ffffffff84601550 [ 52.698371][ T553] R13: fffffe0000000ec8 R14: ffff8881e7568000 R15: fffffe0000000ecb [ 52.706362][ T553] FS: 00007ff7109b36c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 52.715464][ T553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.721882][ T553] CR2: 000000000000005c CR3: 00000001e83fb000 CR4: 00000000003426b0 [ 52.730047][ T553] Call Trace: [ 52.733173][ T553] ? __die+0xb4/0x100 [ 52.737316][ T553] ? no_context+0xac7/0xd20 [ 52.741944][ T553] ? is_prefetch+0x4b0/0x4b0 [ 52.746476][ T553] ? rcu_preempt_deferred_qs+0xa4/0x2b0 [ 52.752689][ T553] ? __do_page_fault+0xa72/0xbb0 [ 52.757669][ T553] ? vmx_spec_ctrl_restore_host+0x83/0xfd [ 52.763799][ T553] ? __bad_area_nosemaphore+0xc0/0x470 [ 52.769910][ T553] ? page_fault+0x2f/0x40 [ 52.774170][ T553] ? __entry_text_end+0x4/0x4 [ 52.778846][ T553] ? vmx_handle_exit_irqoff+0x45/0x220 [ 52.784158][ T553] ? check_preemption_disabled+0x91/0x320 [ 52.789686][ T553] ? handle_external_interrupt_irqoff+0x148/0x2f0 [ 52.796021][ T553] ? handle_external_interrupt_irqoff+0x12a/0x2f0 [ 52.802283][ T553] ? __entry_text_end+0x4/0x4 [ 52.806878][ T553] ? vcpu_enter_guest+0x2d06/0x9f70 [ 52.811921][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.817899][ T553] ? debug_smp_processor_id+0x20/0x20 [ 52.823114][ T553] ? __free_pages_ok+0x847/0x950 [ 52.827964][ T553] ? __kvm_set_memory_region+0xda6/0xf60 [ 52.833444][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.839077][ T553] ? do_vfs_ioctl+0x742/0x1720 [ 52.843677][ T553] ? __x64_sys_ioctl+0xd4/0x110 [ 52.848354][ T553] ? do_syscall_64+0xca/0x1c0 [ 52.853055][ T553] ? debug_smp_processor_id+0x20/0x20 [ 52.858611][ T553] ? local_bh_enable+0x20/0x20 [ 52.863198][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.869007][ T553] ? newidle_balance+0x50a/0x930 [ 52.874027][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.880060][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.885788][ T553] ? debug_smp_processor_id+0x20/0x20 [ 52.891078][ T553] ? debug_smp_processor_id+0x20/0x20 [ 52.896374][ T553] ? dequeue_task_fair+0x4f4/0x12e0 [ 52.901499][ T553] ? llist_add_batch+0x91/0xb0 [ 52.906097][ T553] ? generic_exec_single+0x280/0x3e0 [ 52.911394][ T553] ? smp_call_function_single+0x4a0/0x4a0 [ 52.917400][ T553] ? __schedule+0xb0d/0x1320 [ 52.922104][ T553] ? smp_call_function_single+0x388/0x4a0 [ 52.927639][ T553] ? loaded_vmcs_clear+0x80/0x80 [ 52.932479][ T553] ? generic_smp_call_function_single_interrupt+0x10/0x10 [ 52.939512][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.945078][ T553] ? loaded_vmcs_clear+0x80/0x80 [ 52.949841][ T553] ? debug_smp_processor_id+0x20/0x20 [ 52.955053][ T553] ? schedule+0x143/0x1d0 [ 52.959394][ T553] ? get_cpu_entry_area+0x8/0x30 [ 52.964264][ T553] ? vmx_vcpu_load_vmcs+0x655/0x8b0 [ 52.969372][ T553] ? read_msr+0x40/0x40 [ 52.973365][ T553] ? check_preemption_disabled+0x9f/0x320 [ 52.978926][ T553] ? debug_smp_processor_id+0x20/0x20 [ 52.984218][ T553] ? kvm_arch_vcpu_ioctl_run+0x748/0x18d0 [ 52.989879][ T553] ? kvm_vcpu_ioctl+0x7f9/0xd10 [ 52.994630][ T553] ? preempt_count_add+0x8f/0x180 [ 52.999586][ T553] ? create_vcpu_fd+0x120/0x120 [ 53.004361][ T553] ? do_futex+0x13c1/0x19f0 [ 53.009048][ T553] ? kvm_reboot+0x40/0x40 [ 53.013234][ T553] ? create_vcpu_fd+0x120/0x120 [ 53.017917][ T553] ? do_vfs_ioctl+0x742/0x1720 [ 53.022503][ T553] ? ioctl_preallocate+0x250/0x250 [ 53.027559][ T553] ? __fget+0x407/0x490 [ 53.031590][ T553] ? fget_many+0x20/0x20 [ 53.035629][ T553] ? switch_fpu_return+0x1d4/0x410 [ 53.040574][ T553] ? security_file_ioctl+0x7d/0xa0 [ 53.045525][ T553] ? __x64_sys_ioctl+0xd4/0x110 [ 53.050209][ T553] ? do_syscall_64+0xca/0x1c0 [ 53.054724][ T553] ? entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 53.060714][ T553] Modules linked in: [ 53.064459][ T553] CR2: 0000000000000086 [ 53.068446][ T553] ---[ end trace 1cbd5ab278d5c579 ]--- [ 53.074177][ T553] RIP: 0010:0x86 [ 53.077928][ T553] Code: Bad RIP value. [ 53.081926][ T553] RSP: 0018:ffff8881e76cf308 EFLAGS: 00010086 [ 53.087927][ T553] RAX: ffff8881e76cf338 RBX: dffffc0000000000 RCX: ffff8881e79cbf00 [ 53.095812][ T553] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 53.103626][ T553] RBP: 0000000000000ec0 R08: ffffffff82316a81 R09: ffffffff811c8e45 [ 53.111556][ T553] R10: ffff8881e79cbf00 R11: 0000000000000002 R12: ffffffff84601550 [ 53.119768][ T553] R13: fffffe0000000ec8 R14: ffff8881e7568000 R15: fffffe0000000ecb [ 53.127662][ T553] FS: 00007ff7109b36c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 53.136498][ T553] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.143041][ T553] CR2: 000000000000005c CR3: 00000001e83fb000 CR4: 00000000003426b0 [ 53.151114][ T553] Kernel panic - not syncing: Fatal exception [ 53.157259][ T553] Kernel Offset: disabled [ 53.161516][ T553] Rebooting in 86400 seconds..